[Secure-testing-commits] r8016 - data/CVE

joeyh at alioth.debian.org
Wed Jan 23 09:14:14 UTC 2008


Author: joeyh
Date: 2008-01-23 09:14:13 +0000 (Wed, 23 Jan 2008)
New Revision: 8016

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2008-01-23 00:39:22 UTC (rev 8015)
+++ data/CVE/list	2008-01-23 09:14:13 UTC (rev 8016)
@@ -1,3 +1,119 @@
+CVE-2008-0410
+	RESERVED
+CVE-2008-0409
+	RESERVED
+CVE-2008-0408
+	RESERVED
+CVE-2008-0407
+	RESERVED
+CVE-2008-0406
+	RESERVED
+CVE-2008-0405
+	RESERVED
+CVE-2008-0404 (Cross-site scripting (XSS) vulnerability in Mantis before 1.1.1 allows ...)
+	TODO: check
+CVE-2008-0403 (The web server in Belkin Wireless G Plus MIMO Router F5D9230-4 does ...)
+	TODO: check
+CVE-2008-0402 (Unspecified vulnerability in IBM WebSphere Business Modeler Basic and ...)
+	TODO: check
+CVE-2008-0401 (Unspecified vulnerability in the HTTP server in IBM Tivoli ...)
+	TODO: check
+CVE-2008-0400 (Cross-site scripting (XSS) vulnerability in header.tpl.php in the ...)
+	TODO: check
+CVE-2008-0399 (Multiple buffer overflows in Toshiba Surveillance (Surveillix) ...)
+	TODO: check
+CVE-2008-0398 (Cross-site scripting (XSS) vulnerability in aflog 1.01, and possibly ...)
+	TODO: check
+CVE-2008-0397 (Multiple SQL injection vulnerabilities in aflog 1.01, and possibly ...)
+	TODO: check
+CVE-2008-0396 (Directory traversal vulnerability in BitDefender Update Server ...)
+	TODO: check
+CVE-2008-0395 (Kayako SupportSuite 3.11.01 allows remote attackers to obtain server ...)
+	TODO: check
+CVE-2008-0394 (Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote ...)
+	TODO: check
+CVE-2008-0393 (Directory traversal vulnerability in info.php in GradMan 0.1.3 and ...)
+	TODO: check
+CVE-2008-0392 (Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition ...)
+	TODO: check
+CVE-2008-0391 (inc/elementz.php in aliTalk 1.9.1.1 does not properly verify ...)
+	TODO: check
+CVE-2008-0390 (stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows ...)
+	TODO: check
+CVE-2008-0389 (Unspecified vulnerability in the serveServletsByClassnameEnabled ...)
+	TODO: check
+CVE-2008-0388 (SQL injection vulnerability in the WP-Forum 1.7.4 plugin for WordPress ...)
+	TODO: check
+CVE-2008-0387
+	RESERVED
+CVE-2008-0386
+	RESERVED
+CVE-2008-0385
+	RESERVED
+CVE-2008-0384 (OpenBSD 4.2 allows local users to cause a denial of service (kernel ...)
+	TODO: check
+CVE-2008-0383 (Multiple SQL injection vulnerabilities in MyBB 1.2.10 and earlier ...)
+	TODO: check
+CVE-2008-0382 (Multiple eval injection vulnerabilities in MyBB 1.2.10 and earlier ...)
+	TODO: check
+CVE-2008-0381 (Unspecified vulnerability in Mahara before 0.9.1 has unknown impact ...)
+	TODO: check
+CVE-2008-0380 (Buffer overflow in the Digital Data Communications RtspVaPgCtrl ...)
+	TODO: check
+CVE-2008-0379 (Race condition in the Enterprise Tree ActiveX control ...)
+	TODO: check
+CVE-2008-0378 (Stack-based buffer overflow in SocksCap 2.40-051231 and earlier, when ...)
+	TODO: check
+CVE-2008-0377 (MicroNews allows remote attackers to bypass authentication and gain ...)
+	TODO: check
+CVE-2008-0376 (PHP remote file inclusion vulnerability in inc/linkbar.php in Small ...)
+	TODO: check
+CVE-2008-0375 (Unspecified vulnerability in OKI C5510MFP Printer CU H2.15, PU ...)
+	TODO: check
+CVE-2008-0374 (OKI C5510MFP Printer CU H2.15, PU 01.03.01, System F/W 1.01, and Web ...)
+	TODO: check
+CVE-2008-0373 (Unrestricted file upload vulnerability in PHP F1 Max's File Uploader ...)
+	TODO: check
+CVE-2008-0372 (8e6 R3000 Internet Filter 2.0.05.33, and other versions before 2.0.11, ...)
+	TODO: check
+CVE-2008-0371 (Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when ...)
+	TODO: check
+CVE-2008-0370 (Cross-site scripting (XSS) vulnerability in dohtaccess.html in cPanel ...)
+	TODO: check
+CVE-2008-0369 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x ...)
+	TODO: check
+CVE-2008-0368 (Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.x ...)
+	TODO: check
+CVE-2008-0367 (Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when ...)
+	TODO: check
+CVE-2008-0366 (CORE FORCE before 0.95.172 does not properly validate arguments to ...)
+	TODO: check
+CVE-2008-0365 (Multiple buffer overflows in CORE FORCE before 0.95.172 allow local ...)
+	TODO: check
+CVE-2008-0364 (Buffer overflow in (1) BitTorrent 6.0 and earlier; and (2) uTorrent ...)
+	TODO: check
+CVE-2008-0363 (Multiple SQL injection vulnerabilities in Clever Copy 3.0 and earlier ...)
+	TODO: check
+CVE-2008-0362 (Cross-site scripting (XSS) vulnerability in gallery.php in Clever Copy ...)
+	TODO: check
+CVE-2008-0361 (Directory traversal vulnerability in agregar_info.php in GradMan 0.1.3 ...)
+	TODO: check
+CVE-2008-0360 (Multiple SQL injection vulnerabilities in BLOG:CMS 4.2.1b allow remote ...)
+	TODO: check
+CVE-2008-0359 (Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1b ...)
+	TODO: check
+CVE-2008-0358 (SQL injection vulnerability in index.php in Pixelpost 1.7 allows ...)
+	TODO: check
+CVE-2008-0357 (Directory traversal vulnerability in pages/upload.php in Galaxyscripts ...)
+	TODO: check
+CVE-2008-0356 (Buffer overflow in the Independent Management Architecture (IMA) ...)
+	TODO: check
+CVE-2008-0355 (SQL injection vulnerability in index.php in the forum module in ...)
+	TODO: check
+CVE-2008-0354 (Cross-site scripting (XSS) vulnerability in the chat client in IBM ...)
+	TODO: check
+CVE-2008-0353 (SQL injection vulnerability in visualizza_tabelle.php in php-residence ...)
+	TODO: check
 CVE-2008-XXXX [firebird DoS]
 	- firebird2.0 2.0.3.12981.ds1-4 (bug #460048)
 	TODO: check firebird2
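Review bot: The 49 described entries added at the top of this hunk (CVE-2008-0353 through CVE-2008-0404, minus the RESERVED ids) all carry only "TODO: check", so none of them has a triage decision yet. Several descriptions name hardware or firmware, such as the Belkin Wireless G Plus MIMO Router in CVE-2008-0403 and the OKI C5510MFP Printer in CVE-2008-0374 and CVE-2008-0375, which the file's existing convention would close as NOT-FOR-US. CVE-2008-0367 names Mozilla Firefox, and the list tracks Mozilla-derived packages elsewhere (the iceape and xulrunner lines in a later hunk), so that entry should be checked first and given package lines rather than left in the bulk TODO state.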
@@ -49,7 +165,7 @@
 	NOT-FOR-US: Aria ERP (not the aria we ship)
 CVE-2008-0331 (Unspecified vulnerability in Funkwerk System Software before 7.4.1 ...)
 	NOT-FOR-US: Funkwerk 
-CVE-2008-0330 (Radiator before 4.0 allows remote attackers to cause a denial of ...)
+CVE-2008-0330 (Open System Consultants (OSC) Radiator before 4.0 allows remote ...)
 	NOT-FOR-US: Radiator
 CVE-2008-0329 (LulieBlog 1.0.1 and 1.0.2 does not restrict access to (1) ...)
 	NOT-FOR-US: LulieBlog
@@ -244,7 +360,7 @@
 	NOT-FOR-US: PHP Webquest
 CVE-2008-0248 (Buffer overflow in an ActiveX control in ccpm_0237.dll for StreamAudio ...)
 	NOT-FOR-US: StreamAudio ChainCast ProxyManager
-CVE-2008-0247 (Heap-based buffer overflow in IBM Tivoli Storage Manager (TSM) Express ...)
+CVE-2008-0247 (Heap-based buffer overflow in the Express Backup Server service ...)
 	NOT-FOR-US: IBM Tivoli Storage Manager
 CVE-2008-0246 (admin.php in UploadScript 1.0 does not check for the original password ...)
 	NOT-FOR-US: UploadScript
@@ -526,8 +642,7 @@
 	NOT-FOR-US: Instant Softwares Dating Site
 CVE-2008-0129 (SQL injection vulnerability in starnet/addons/slideshow_full.php in ...)
 	NOT-FOR-US: Site at School
-CVE-2008-0128 [Tomcat does not enforce HTTPS for SSO cookies]
-	RESERVED
+CVE-2008-0128 (The SingleSignOn Valve ...)
 	{DSA-1468-1}
 	- tomcat5 <removed> (unimportant)
 	NOTE: SSO cookies not working in 5.0, have only been fixed in 5.5.13, see #34724
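Review bot: The replacement description for CVE-2008-0128, "(The SingleSignOn Valve ...)", is cut so short that it no longer says what the issue is, while the removed working title "[Tomcat does not enforce HTTPS for SSO cookies]" did. Consider preserving that summary in a NOTE line under the entry so the record stays readable without looking the id up. The remaining NOTE says the fix landed in 5.5.13, but the only package line visible here is tomcat5; it is worth confirming that the 5.5 series has its own line in the part of the entry this hunk does not show.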
@@ -690,8 +805,8 @@
 	RESERVED
 CVE-2008-0066
 	RESERVED
-CVE-2008-0065
-	RESERVED
+CVE-2008-0065 (Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, ...)
+	TODO: check
 CVE-2008-0064
 	RESERVED
 CVE-2008-0063
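Review bot: CVE-2008-0065 moves from RESERVED to "TODO: check" with no triage result. The description names in_mp3.dll in Winamp, and the file marks products that are not packaged with NOT-FOR-US (for example the Radiator and UploadScript entries in the earlier hunks), so that is the likely resolution once someone has confirmed it.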
@@ -1324,16 +1439,13 @@
 	- asterisk 1:1.4.16.2~dfsg-1 (low; bug #457063)
 	[etch] - asterisk <no-dsa> (Minor issue, eventually fix in a later DSA)
 	[sarge] - asterisk <not-affected> (Vulnerable code not present)
-CVE-2007-6429
-	RESERVED
+CVE-2007-6429 (Multiple integer overflows in X.Org Xserver before 1.4.1 allow ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6428
-	RESERVED
+CVE-2007-6428 (The ProcGetReservedColormapEntries function in the TOG-CUP extension ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
-CVE-2007-6427
-	RESERVED
+CVE-2007-6427 (The XInput extension in X.Org Xserver before 1.4.1 allows ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
 CVE-2007-6426
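Review bot: The new descriptions for CVE-2007-6429 and CVE-2007-6427 say the flaws affect X.Org Xserver "before 1.4.1", but the fixed version recorded under each entry is 2:1.4.1~git20080105-2, and in Debian version ordering the "~" suffix sorts before plain 1.4.1. Read literally, the tracked fix is a pre-1.4.1 snapshot, so a NOTE stating that the git snapshot already contains the fixes would remove the apparent contradiction. The same applies to the other xorg-server entries updated in the later hunks (CVE-2008-0006, CVE-2007-5958, CVE-2007-5760). These entries also have no per-release lines like the [etch] and [sarge] lines on the asterisk entry just above, and rely on the DSA-1466-2 reference alone for stable status.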
@@ -1868,8 +1980,7 @@
 	RESERVED
 CVE-2008-0007
 	RESERVED
-CVE-2008-0006
-	RESERVED
+CVE-2008-0006 (Buffer overflow in (1) X.Org Xserver before 1.4.1 and (2) the Sun ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
 	- libxfont 1:1.3.1-2
@@ -2523,8 +2634,7 @@
 	- iceape 1.1.7-1
 	- xulrunner 1.8.1.11-1
 	NOTE: MFSA2007-38
-CVE-2007-5958
-	RESERVED
+CVE-2007-5958 (X.Org Xserver before 1.4.1 allows local users to determine the ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
 CVE-2006-7229 (The skge driver 1.5 in Linux kernel 2.6.15 on Ubuntu does not properly ...)
@@ -3036,8 +3146,7 @@
 	NOT-FOR-US: Novell NetWare Client
 CVE-2007-5761 (The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 ...)
 	NOT-FOR-US: Motorola netOctopus
-CVE-2007-5760
-	RESERVED
+CVE-2007-5760 (Array index error in the XFree86-Misc extension in X.Org Xserver ...)
 	{DSA-1466-2 DTSA-110-1}
 	- xorg-server 2:1.4.1~git20080105-2
 CVE-2007-5759



